June 13 — Earlier today, the US healthcare conglomerate known as Kaiser Permanente disclosed a data breach that affects as many as 69,589 individuals. According to information on the group’s website, an unauthorized entity had obtained access to internal emails on April 5th of this year.
Kaiser Permanente reportedly terminated access “within hours,” launching an investigation immediately thereafter. Despite the fact that no evidence suggests any tampering with emails or theft of protected health information, the organization could not rule out the possibility.
The emails in question contained names, dates of service, medical record numbers and laboratory test result information. Upon discovery of the attack, administrators reset affected employees’ passwords, and employees received training around email security best practices. Kaiser Permanente also reports exploring additional options to prevent future incidents.
Financial information (social security card numbers and credit card numbers) were not exposed through the breach, according to the healthcare provider.
Kaiser Permanente began to notify affected patients by mail on June 3rd. At present, all affected patients appear to be located in Washington State. Those affected by the incident will be offered a year’s worth of free credit monitoring services.
For more on this story, please visit HealthITSecurity.com. To see CyberTalk.org’s past data breach coverage, click here. Lastly, to receive cutting-edge cyber security news, exclusive interviews, expert analyses and security resources, please sign up for the CyberTalk.org newsletter.